Need an anti-keylogger

Discussion in 'privacy technology' started by cba321, Jan 14, 2009.

Thread Status:
Not open for further replies.
  1. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Also, what point in the scan was SP detected? Would spycop trial (75%) of files scanned find it in your opinion?
     
  2. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    Spy Sweeper may have killed it? Maybe run some kind of cleaner to scan for obsolete files?

    But Holy crap, SP logs everything you can possibly think of, it's just like they're standing right behind you watching every move you make!

    While it was actively monitoring my machine!
    Probably Not!

    The main symptoms of SP was my Machine kept freezing! I went ahead and uninstalled it from my testing machine, as I was using it for testing purposes only, and it was getting on my nerves!

    I would say get Returnil and use a Virtual OS when you're surfing the net and messing around, then you can just restart your OS, and it will be returned to its normal state before you do anything serious, so as not to compromise your privacy!
     
    Last edited: Jan 16, 2009
  3. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Brought out Spycop full version to find the scoundrel, didn't detect anything. I'm going to conclude that either:

    a) Spy Sweeper gave me an unusual false positive or misdiagnosed something else as Spector Pro, and Spector was never actually on my machine

    b) The hacker/spy saw I was onto him (I guess with Spector it would be easy to find out lol) and took Spector off, or he took it off months ago anyway

    c) I have some crazy reverse-engineered super-spector in my computer that is unstoppable (unlikeliest scenario thankfully)



    I'll be doing a more advanced spycop scan later today to be sure
     
  4. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    I saw you asking on your other thread about how the monitoring software could have gotten on your computer since everyone in your family said they didn't put it there. Many commercial keyloggers have a remote installation feature wherein email is used to secretly install on your PC. Check out this Google search to see examples of what I am talking about.

    And since you are learning so much about keyloggers, might as well check out one way to look for hardware keyloggers.

    I'm glad you now have SpyCop in your toolbox. ;)
     
  5. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    I find it so mind-boggling that the whole remote-install feature is legal in the first place. If these commercial keylogger products were really intended for parents and bosses (as the developers claim), then remote install wouldn't normally be needed. With a possible few exceptions (such as the police), only criminals seem to benefit from remote-installation. It's basically a legalized trojan horse!

    Those hardware keyloggers, while still a keylogger, seem somewhat more legit, as someone thousands of miles away can't put one on your computer!
     
  6. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    Make sure you have 656 detectable items in your SpyCop database (Help/About). And it sounds like you are going to do a Super Stealth Mode scan later? Very good. Per the FAQ file...

    "Super STEALTH Mode will temporarily revert your system to the way it was after a fresh Windows installation. Any non-standard programs will be closed automatically, including Spy programs. NO FILES ARE MODIFIED ON YOUR DISK...this feature only manipulates programs loaded in memory."

    Good luck.
     
  7. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    Spouses spying on spouses, or ex-spouses spying on ex-spouses are probably big fans of remote installations. Or stalkers. They don't have physical access to their victim's computer, so they seek an alternate route.

    The hardware keyloggers are big on public computers, like ones in hotel lobbies, etc. They are so easy to install and unless someone knows what to look for, they tend to blend in.
     
  8. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    They all certainly look like the ones for remote installations. And hackers too I'm sure.

    That makes sense about hardware keyloggers, as I'm sure library/school officials don't actively check for them. The keylogger owner could get so much information about so many people that way.
     
  9. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    I think that Spy Sweeper probably did its job when you pushed the button to fix the problem!

    I didn't realize you were talking about Webroot Spy Sweeper, they supposedly have the best Anti-Spyware Software according to Top Ten Reviews!

    ~Link removed. The site is not recommended by Wilders. - Ron~
     
    Last edited by a moderator: Jan 17, 2009
  10. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Spy Sweeper has worked decently for me, but for the spector it only detected 1 file and that file was pretty random (it was actually a part of spy sweeper itself called ztvunrar3.dll, which to me indicates that the spector files were manually hidden/named cleverly throughout my system in places unlikely to be searched)!
     
  11. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    I see that the file ztvunrar3.dll is also installed by a fake spyware remover called SpyBro (SpyBrowser). Do you have spybro.exe on your system, or a SpyBro folder in your Programs menu?
     
  12. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Not that I'm aware of, but I'll certainly take a look and do a little digging. I used to be a reckless fool when it came to the internet, so I wouldn't be surprised if I somehow got it onto my system.
     
  13. tipo

    tipo Registered Member

    Joined:
    Dec 29, 2008
    Posts:
    440
    Location:
    romania
    Use Malwarebytes Anti-Malware... it will get rid of your problems
     
  14. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    A-squared free reports it detects/removes the Spector program. See malware database:
    http://www.emsisoft.com/en/support/malware/

    See analysis:
    http://www.emsisoft.com/en/malware/?Adware.Win32.Spector

    This may sound 'dumb', but if this program is being widely used by partners spying on partners, and if the program is usually installed 'stealth', should users just hit the default Spector 'hotkey', which is CTRL+SHIFT+ALT+S, to see if anything (console/login password) shows up? Yes this hotkey may change, but many I'm sure would keep it default.
    http://images.emsisoft.com/Spector_4.jpg
     
  15. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    That doesn't sound dumb at all, actually I think lots of people have found Spector that way! It didn't work for me, but I've heard of it working for many others.
     
  16. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Well Webroot FINALLY gave me an adequate response, saying they have never heard of a Spector false positive or a fp involving ztvunrar3.

    BUT, that doesn't necessarily mean this isn't a FP, correct?
     
  17. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    That's because Webroot Spy Sweeper already killed it!
     
  18. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    Remnants of spy software aren't going to hurt you. If the program is gone but a few stray files are left, you're OK. It's like any other program, they need most everything to operate. I can have remnants of Microsoft Word, but if it's only a few stray language files, that doesn't mean I have an operable copy of MS Word.

    This is a good time to mention again the value of a clean system image that you can just turn around and slap on in ten minutes or so. If you suspect anything, just go to the known clean image state. It sure saves a lot of trouble in the long run.
     
  19. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Spy Sweeper got rid of only 1 file though, Spector has a lot more than that!

    No point in worrying now, but I just wish webroot could have confirmed it as a false positive:(
     
  20. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100

    After reading this and some older threads on key loggers in the forums, it would seem that the Elite keylogger is one of the preferred for testing purposes. So I decided to do a little testing of my own with Antilogger.

    I installed the Antilogger trial and this Elite keylogger trial and I got the same results as Warlockz. All I got was a little warning from Antilogger at install of Elite, but after that it did nothing to stop the keylogger. All my key strokes were logged by the Elite keylogger with Antilogger running. And I installed Antilogger before I installed Elite.

    The warning from Antilogger said "routsvr.exe is trying to copy itself into registry in order to be started together with system. Allow this application only if you think it is a legitimate application." But that tells me little about if it was a keylogger or not. But anyway Antilogger still did nothing after that to stop the Elite keylogger from logging key strokes.

    I really expected better from Zemana. It seems they're charging $39.50 a year for a program that it would seem is not too good at defending against key stroke loggers. I didn't try any of the real wimpy keyloggers, so I'm not sure if Antilogger would prevent those from working.

    But what did surprise me was Key Scrambler free version did prevent Elite keylogger from logging key strokes when I was using my browser. Even if I installed Elite first, before Key Scrambler. I really like Key Scrambler now, it has proved itself worthy in my eyes.

    Funny though was Threatfire free did absolutely nothing upon install of Elite or thereafter to prevent key strokes from being logged. Another disappointment from a program I thought would do far better. Well, I guess it's still good against other kinds of scumware.
     
  21. Max Zorin

    Max Zorin Former Poster

    Joined:
    Nov 3, 2008
    Posts:
    103
    I have contacted Zemana and notified them about this. They replied quickly with the following:

    Thank you for contacting Support.

    Latest version of Spector has a legit digital certificate signed by VeriSign with the common name SpectorSoft Corp.
    By default AntiLogger does not alert for suspicious applications signed by trusted CA (Certificate Authority).
    Anyway, in the next version of AntiLogger we will revoke that certificate.

    Temporarily you can protect your system by disabling that option from AntiLogger settings panel by selecting
    "Ask user for all other certified applications" checkbox.

    We appreciate your patience and understanding in this matter.


    I think Antilogger is a good product and seems to be actively developed. Probably better to work with the developers in supporting them by pointing out any failings of the product, than just write it off.

    Let's see if they do indeed resolve these issues.

    MZ
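
A simplified model of the alert-suppression rule described in the Zemana reply above, added here as an example; it is not AntiLogger's code, and the event fields, policy names, placeholder process names and the unsigned status of routsvr.exe are assumptions. It shows that the default setting silences a signed monitoring tool, that the checkbox workaround also prompts for every other signed application, and that distrusting the one publisher is the targeted fix.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass(frozen=True)
class Event:
    process: str
    behaviour: str
    signer: Optional[str]        # certificate common name, None if unsigned
    chain_trusted: bool = False  # signature chains to a trusted CA

@dataclass
class Policy:
    # Models the "Ask user for all other certified applications" checkbox.
    ask_for_certified: bool = False
    # Models the vendor revoking trust in specific publishers.
    distrusted_publishers: set = field(default_factory=set)

def decide(ev: Event, policy: Policy) -> str:
    """Return 'alert' or 'allow' for one suspicious-behaviour event."""
    validly_signed = ev.signer is not None and ev.chain_trusted
    if not validly_signed:
        return "alert"                      # unsigned code always prompts
    if ev.signer in policy.distrusted_publishers:
        return "alert"                      # signed, but publisher distrusted
    if policy.ask_for_certified:
        return "alert"                      # workaround: prompt for all signed apps
    return "allow"                          # default: a valid signature silences the alert

# Constructed sample events; process names other than routsvr.exe are placeholders.
EVENTS = [
    Event("routsvr.exe", "autostart registration", None),  # assumed unsigned
    Event("monitor-placeholder.exe", "keystroke capture", "SpectorSoft Corp", True),
    Event("editor-placeholder.exe", "autostart registration", "Example Software Ltd", True),
]

def alerts(policy: Policy) -> list:
    """Processes that would raise a prompt under the given policy."""
    return [ev.process for ev in EVENTS if decide(ev, policy) == "alert"]

POLICIES = {
    "default": Policy(),
    "ask for certified": Policy(ask_for_certified=True),
    "publisher distrusted": Policy(distrusted_publishers={"SpectorSoft Corp"}),
}

if __name__ == "__main__":
    for name, policy in POLICIES.items():
        print(f"{name:22} -> {alerts(policy)}")
```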
     
  22. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I use Keyscrambler Premium. Someone mentioned that it does not cover the clipboard though. But evidently you cannot always trust Zemana either.
     
  23. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Best Buy geek squad just got 2 trojans and a keylogger off the computer (I don't know the specifics yet, I haven't looked at the report), I'm not sure how they did it when norton antivirus 2009, malwarebytes, superantispyware, spycop, spy sweeper with antivirus, etc. all failed to detect/remove them.
     
  24. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100

    Maybe the trojans and keylogger were hidden by a rootkit?

    But from what I've read about those programs you mentioned, they're not that good at detecting/removing keyloggers anyway.

    Spycop, which would probably be the best of the bunch at detecting keyloggers, will only detect commercial keyloggers, but probably wouldn't find any private builds.
     
  25. cba321

    cba321 Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    48
    Maybe, Spysweeper was detecting a potential rootkit when run in safe mode.

    This whole thing is a major headache, that keylogger must have been spying on me for a while. I hope none of you ever have to deal with these stupid stealth keyloggers.
     
    Last edited: Feb 8, 2009